IoT inspector’s security researchers, in conjunction with CHIP magazine, tested the nine most popular home Wi-Fi routers for exploits and vulnerabilities. The results are astonishing – not only are these routers poorly protected, but they also pose a threat that security researchers identified months or years ago.
Routers tested by IoT Inspector and CHIP come from ASUS, AVM, D-Link, Edimax, Linksys, Netgear, Synology and TP-Link. They all run the latest version of their manufacturer’s firmware, and there is a good chance that the vulnerabilities found in these routers will be present in other models of the same brand.
Here are detailed findings from IoT Inspector and CHIP Magazine, including some good news that illustrates the importance of this type of research.
Results from IoT Inspector and CHIP Magazine
Before we look at all the horrible flaws in these popular routers, I need to take a moment to explain how the IoT inspector performed this test. See, IoT Inspector is a software company that sells automated security analysis tools for routers and other connected devices.
IoT Inspector runs the firmware of each router through this automated tool to check over 5,000 CVEs and other security issues. Here is what he found:
Here are the test results of IoT Inspector and CHIP:
- Nine routers have a total of 226 errors.
- TP-Link’s Archer AX6000 is the biggest culprit, suffering from 32 security bugs.
- Synology’s RT-2600ac is a close second, with 30 security flaws.
- Most identified security flaws are “high” or “medium” risk.
- Every router tested faces a known threat that was left unchecked.
However, researchers have not shared more detailed information on these safety flaws and pests. What Post a significant threat to D-Link’s DIR-X460 router. Here’s a brief excerpt – IoT inspectors find a way to send malicious firmware updates to D-Link’s DIR-X460 by extracting its encryption key.
In addition, IoT Inspector and CHIP published some common flaws found in these nine routers:
- Weak default passwords, such as “admin.”
- Hard-coded credentials in pain text – you know, encrypted data.
- Outdated Linux kernel in router firmware.
- Older multimedia and VPN functionality, which can be taken advantage of.
- Using an older version of BusyBox.
Keep that in mind anyone It can run tests, including router manufacturers. Clearly, the nine brands tested here are not taking the time to properly store their products.
The good news is that manufacturers are fixing problems.
According to CHIP Magazine, each of the nine router manufacturers responded to these tests and released firmware updates to address vulnerabilities in their products. Most of these reforms are for “low risk” risks, but this is a good start.
Here are the steps taken by each manufacturer after this investigation. Note that these bullet points are translated from the CHIP report, which is in German.
- ASUS: ASUS reviewed our results and gave us a detailed answer. ASUS patched the old BusyBox, and now it has been updated to “curl” and web server. The password issues we warned about were temporary files that this process removes when deleted. They are not a threat.
- D-Link: D-Link thanked us for the tip and published a firmware update to address the issues mentioned.
- Adimex: Edimax did not try hard to test these issues but published an update to fix some issues.
- Linksys: Linksys will resolve all issues in the “High” and “Medium” categories. It will avoid default passwords in the future, and has released a firmware update for any remaining issues. ۔
- Net gear: Net Gear staff worked hard and reviewed all issues. Net Gear believes that some of its “high-risk” vulnerabilities are not a big deal. It has rolled out an update for DNSmasq and iPerf, though other issues need to be addressed first.
- Synology: Synology is fixing the issues we encountered with the update in the Linux kernel. BusyBox and PHP will be updated, and Synology will clear its certificates. Funny thing is, all Synology devices benefit from this update.
- TP link: Updating BusyBox, CURL, and DNSmasq eliminates many TP-Link issues. It still needs a new kernel, but TP-Link plans more than 50 improvements to its firmware.
Just to be clear, the IoT inspector did not see if these patches worked. And even if they What While working, these routers are still vulnerable to known (and possibly unknown) feats.
What should you do
Whether you use one of the infected routers or not, I recommend manually updating your router’s firmware and enabling automatic updates (if they are not already enabled). Doing so ensures that your router is protected from the latest developments – or at least those that the manufacturers decide to fix.
You must also set a secure Wi-Fi password and disable features such as WPS (Wi-Fi Protected Setup) and UPnP (Universal Plug and Play), which opens your network to malware and FBI. It is regularly criticized by the government for its numerous security flaws.
And if you’re using an incredibly old router (or NAS device, for that matter), you should seriously consider upgrading. Older networking hardware is often riddled with known vulnerabilities that manufacturers simply do not care to patch.
For more information on securing your router, see our detailed guide How to geek.
Source: IoT Inspector, CHIP Magazine Blowing Computer